Information Security News mailing list archives
Amazon fixes security flaw in Kindle ebooks
From: InfoSec News <alerts () infosecnews org>
Date: Wed, 17 Sep 2014 10:34:11 +0000 (UTC)
http://www.itpro.co.uk/security/23124/amazon-fixes-security-flaw-in-kindle-ebooks By Clare Hopping IT Pro 17 Sep, 2014Amazon has responded to complaints about malware present on Kindle ebooks by fixing the security flaw.
Yesterday, it was revealed that some ebooks downloaded from the internet were installing malware on the ereader, meaning hackers could potentially gain access to users' Amazon accounts or personal details for identity fraud purposes.
Security researcher Benjamin Daniel Mussler uncovered the flaw and said Amazon was very much open to a cross-site scripting attack.
The issue is not thought to affect people who buy their books from Amazon, but could arise if they use an illegal download or untrustworthy ebook site.
[...] -- Evident.io - Continuous Cloud Security for AWS. Identify and mitigate risks in 5 minutes or less. Sign up for a free trial @ https://evident.io/
Current thread:
- Amazon fixes security flaw in Kindle ebooks InfoSec News (Sep 17)